| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220629171457.amdsrgaxady55hds@treble>
Date: Wed, 29 Jun 2022 10:14:57 -0700
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Juergen Gross <jgross@...e.com>
Cc: xen-devel@...ts.xenproject.org, x86@...nel.org,
linux-kernel@...r.kernel.org, Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH v2 2/3] x86: fix setup of brk area
Hi Juergen,
It helps to actually Cc the person who broke it ;-)
On Thu, Jun 23, 2022 at 11:46:07AM +0200, Juergen Gross wrote:
> Commit e32683c6f7d2 ("x86/mm: Fix RESERVE_BRK() for older binutils")
> put the brk area into the .bss..brk section (placed directly behind
> .bss),
Hm? It didn't actually do that.
For individual translation units, it did rename the section from
".brk_reservation" to ".bss..brk". But then during linking it's still
placed in .brk in vmlinux, just like before.
> causing it not to be cleared initially. As the brk area is used
> to allocate early page tables, these might contain garbage in not
> explicitly written entries.
>
> This is especially a problem for Xen PV guests, as the hypervisor will
> validate page tables (check for writable page tables and hypervisor
> private bits) before accepting them to be used. There have been reports
> of early crashes of PV guests due to illegal page table contents.
>
> Fix that by letting clear_bss() clear the brk area, too.
While it does make sense to clear the brk area, I don't understand how
my patch broke this. How was it getting cleared before?
--
Josh
Powered by blists - more mailing lists